Datagram Transport Layer Security Protocol Research Articles

Data Protection in IoT using CoAP based on Enhanced DTLS

The Internet of Things (IoT), refers to all the infrastructures and technologies put in place to operate various objects through an Internet connection, it is about connected objects. One of the most frequently used IoT application protocols is the Constrained Application Protocol (CoAP) that matches restricted computers. CoAP is a solution for in-regulated data formats and a high security to protect government-related data from cyber-attacks. CoAP advises using DTLS (Datagram Transport Layer Security) to provide robust security of the UDP-based TLS edition. Initially, DTLS was planned for conventional networks. Therefore, a heavyweight solution is created by moving the protocols over the resource-limited computers. Unfortunately, DTLS has some security issues regarding the management of keys and its vulnerability against common cyber-attacks especially Denial of Service (DoS). Thus, a security approach is important to secure CoAP-based IoT infrastructures from these attacks. In our work, we propose to secure IoT data using enhanced DTLS protocol over CoAP. The enhancement DTLS make it possible to prevent DoS and Distributed DoS attacks. In our proposition, we apply a thrusted party (TP) to which we delegate the process of the authentication and authorization of clients. In addition, the TP is responsible of the verification of IP addresses in order to mitigate attackers from flooding the network with fake hello messages

Cyber Secure Framework for Smart Containers Based on Novel Hybrid DTLS Protocol

The Internet of Things (IoTs) is apace growing, billions of IoT devices are connected to the Internet which communicate and exchange data among each other. Applications of IoT can be found in many fields of engineering and sciences such as healthcare, traffic, agriculture, oil and gas industries, and logistics. In logistics, the products which are to be transported may be sensitive and perishable, and require controlled environment. Most of the commercially available logistic containers are not integrated with IoT devices to provide controlled environment parameters inside the container and to transmit data to a remote server. This necessitates the need for designing and fabricating IoT based smart containers. Due to constrained nature of IoT devices, these are prone to different cyber security attacks such as Denial of Service (DoS), Man in Middle (MITM) and Replay. Therefore, designing efficient cyber security framework are required for smart container. The Datagram Transport Layer Security (DTLS) Protocol has emerged as the de facto standard for securing communication in IoT devices. However, it is unable to minimize cyber security attacks such as Denial of Service and Distributed Denial of Service (DDoS) during the handshake process. The main contribution of this paper is to design a cyber secure framework by implementing novel hybrid DTLS protocol in smart container which can efficiently minimize the effects of cyber attacks during handshake process. The performance of our proposed framework is evaluated in terms of energy efficiency, handshake time, throughput and packet delivery ratio. Moreover, the proposed framework is tested in IoT based smart containers. The proposed framework decreases handshake time more than 9% and saves 11% of energy efficiency for transmission in compare of the standard DTLS, while increases packet delivery ratio and throughput by 83% and 87% respectively.

Enhanced constrained application protocol for secured medical data transmission model for internet of things

AbstractThe medical data produced from various sensors of sensitive information so there is a need to secure them through security solutions. At present, many security solutions are available in the market to secure the medical data. Transport layer security (TLS) is designed to transfer the client from the client to the server in a more secure manner. The major advantage of using TLS is it will not lose any data while transferring the message from client to server. Datagram transport layer security (DTLS) is designed specifically to use in constrained networks. The DTLS protocol consists of major components like base protocol, record layer, and handshake protocol. The main disadvantage of DTLS is the attacker can send multiple Hello messages to the server. This can cause an attack against the server and this attack encourages a new connection between the client and server and also it increases required bandwidth and resources for every message. The main objective of the proposed work is to use the constrained application protocol (CoAP) with DTLS in place of user datagram protocol (UDP) for the secure transmission of data. To evaluate the efficiency of the system, the packet loss ratio, data transmission time, and handshake time are calculated.

Enhanced DTLS with CoAP-based authentication scheme for the internet of things in healthcare application

As health data are very sensitive, there is a need to prevent and control the health data with end-to-end security solutions. In general, a number of authentication and authorization schemes are available to prevent and protect the sensitive data, which are collected with the help of wearable Internet of Things (IoT) devices. The transport layer security (TLS) protocol is designed to transfer the data from source to destination in more reliable manner. This protocol enables a user to overcome the no lost or reordered messages. The more challenge with TLS is to tolerate unreliability. In order to overcome this issue, Datagram transport layer security (DTLS) protocol has been designed and used in low-power wireless constrained networks. The DTLS protocol consists of a base protocol, record layer, handshake protocol, ChangeCipherSpec and alert protocol. The complex issue with the DTLS protocol is the possibility of an attacker could send a number of ClientHello messages to a server. This scenario would cause a denial-of-service (DOS) attack against the server. This DoS attack enables new connection between the attacker and server, increasing attacker bandwidth, and allocation of resources for every ClientHello message. In order to overcome this issue, we have proposed a smart gateway-based authentication and authorization method to prevent and protect more sensitive physiological data from an attacker and malicious users. The enhanced smart gateway-based DTLS is demonstrated with the help of Contiki Network Simulator. The packet loss ratio is calculated for the CoAP, host identity protocol, CoAP-DTLS and CoAP-enhanced DTLS to evaluate the performance of the proposed work. Data transmission and handshake time are also calculated to evaluate the efficiency of the enhanced DTLS.

Towards an Efficient Datagram Transport Layer Security for Constrained Applications in Internet of Things

The Internet of Things has profoundly modified the usual vision of protocols, particularly in terms of energy constraints. Low-power sensor networks are now one of the key enablers for the Internet of Things, where sensors will play a significant role in the future internet by collecting the surrounding context and environment information. Security is one of the most challenges in this type of network. The existing solutions proposed to secure communication in wireless networks are not suitable. The contribution of this paper is to reduce the cost of communication of the datagram transport layer security protocol DTLS and to improve the weakness of the cookies exchange in the handshake process against deny of service attacks. The proposed enhanced cryptography protocol is integrated into the constrained application protocol to reduce the cost in terms of messages and size taken by the security layer in each message. The evaluation of the proposed protocol is performed on the Contiki operating system, for the internet of things, and compared with the original version of the DTLS protocol. The results show that the enhanced DTLS protocol offers a good performance in comparison with the original version of the protocol in terms of packet overhead, handshake time duration, and energy consumption.

ESSE: Efficient Secure Session Establishment for Internet-Integrated Wireless Sensor Networks

The dramatically increasing number of connected things based on Internet protocol is leading to a new concept called the Internet of Things (IoT). The Internet-integrated wireless sensor network has recently become one of the most important service targets in IoT field. To provide secure IoT services, the IETF proposed using Datagram Transport Layer Security (DTLS) as a de facto security protocol. In this paper, we examine problems that can happen when applying the DTLS protocol to the IoT, which comprises constrained devices and constrained networks. To solve the problems at hand, we separate the DTLS protocol into a handshake phase (i.e., establishment phase) and an encryption phase (i.e., transmission phase). Our approach enhances the performance of both device and network by using a way to delegate the DTLS handshake phase. The proposed scheme supports secure end-to-end communication despite using delegation.